1. Field of the Invention
The present invention relates to an improved data processing system and, in particular, to a method and apparatus for information processing. Still more particularly, the present invention relates to privacy constraints on information processing.
2. Description of Related Art
The Internet has greatly facilitated the exchange of information for many purposes. Many applications now incorporate Internet-related standards, thereby enabling enterprises to collaborate over the Internet while maintaining private networks. As Internet-connected applications have become more sophisticated and as enterprises have become more knowledgeable about the business advantages that can be realized by cooperating across the Internet, enterprises have shown a desire to increase the level of collaboration, particularly through web services that incorporate newly developed standards.
Web services are self-contained, self-describing, modular applications that can be published, located, and invoked across the World Wide Web. Web services can perform a variety of simple functions or complicated business processes. Once a web service is deployed, other applications, including other web services, can discover and invoke the deployed service.
As with any other type of application, web services often require personally identifiable information (PII) in order to perform a transaction for a particular user, which may be as simple as an online purchase. Privacy laws require that some organizations allow users to control the personally identifiable information that is released and to whom it is released. Typical user attributes, such as a user's name, are included in the category of personally identifiable information, yet many computing environments have not included any means for user control over the release of user attributes. The demand for more privacy laws has increased as users have become more aware of the ways in which their private information can be abused.
While web services incorporate a standardized framework that allows enterprises to collaborate, it may not be possible for some enterprises to collaborate on certain transactions without sharing some of the personally identifiable information of their users. Collaboration between enterprises across the Internet is generally beneficial to enterprises and users, but users are demanding online privacy controls to maintain the confidentiality of personally identifiable information. Hence, enterprises need mechanisms to ensure that their collaborative partners will also maintain the confidentiality of their users' personally identifiable information. In other words, an enterprise needs a mechanism to ensure that any personally identifiable information of its users that it shares with a collaborative partner through a Web service will not be abused.
Although a web service framework does not necessarily require asynchronous messaging, enterprises are increasingly implementing web service architectures that incorporate an asynchronous event-based message routing infrastructure. In such environments, personally identifiable information would be shared among collaborative enterprises in a web service environment within the messages of the messaging infrastructure.
Therefore, in order to maintain the confidentiality of personally identifiable information that is associated with users of web services, it would be advantageous to provide privacy controls on the routing of messages that might contain personally identifiable information within the message routing infrastructure that is incorporated into those web services.